<?php
require_once '../includes/auth.php';
require_admin();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    try {
        $stmt = $pdo->prepare("INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)");
        $password_hash = password_hash($_POST['password'], PASSWORD_BCRYPT);
        $stmt->execute([
            $_POST['username'],
            $password_hash,
            $_POST['role']
        ]);

        header('Location: index.php#users');
    } catch (PDOException $e) {
        die("用户创建失败: " . $e->getMessage());
    }
}